CVE-2019-1687 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1687
A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition. Una vulnerabilidad en la funcionalidad de proxy TCP para el software Adaptive Security Appliance (ASA) de Cisco y el software Firepower Threat Defense (FTD) de Cisco, podría permitir que un atacante remoto no identificado cause que el dispositivo se reinicie inesperadamente, dando como resultado una condición de Denegación de Servicio (DoS) . • http://www.securityfocus.com/bid/108176 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos • CWE-20: Improper Input Validation •
CVE-2018-15465 – Cisco Adaptive Security Appliance Software Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-15465
A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileged actions by using the web management interface. The vulnerability is due to improper validation of user privileges when using the web management interface. An attacker could exploit this vulnerability by sending specific HTTP requests via HTTPS to an affected device as an unprivileged user. An exploit could allow the attacker to retrieve files (including the running configuration) from the device or to upload and replace software images on the device. Una vulnerabilidad en el subsistema de autorización de Cisco Adaptive Security Appliance (ASA) Software podría permitir que un atacante remoto autenticado, pero sin privilegios (niveles 0 y 1), realice acciones privilegiadas mediante el uso de la interfaz de gestión web. • http://www.securityfocus.com/bid/106256 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181219-asa-privesc https://www.tenable.com/security/research/tra-2018-46 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVE-2018-15454 – Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15454
A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available. Una vulnerabilidad en el motor de inspección SIP (Session Initiation Protocol) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podría permitir que un atacante remoto no autenticado provoque que un dispositivo afectado se recargue o el alto uso de recursos de la CPU, lo que resulta en una denegación de servicio (DoS). • http://www.securityfocus.com/bid/105768 http://www.securitytracker.com/id/1042129 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos • CWE-20: Improper Input Validation •
CVE-2018-0228
https://notcve.org/view.php?id=CVE-2018-0228
A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady stream of malicious IP packets that can cause connections to be created on the targeted device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition during which traffic through the device could be delayed. This vulnerability applies to either IPv4 or IPv6 ingress traffic. • http://www.securityfocus.com/bid/104220 http://www.securitytracker.com/id/1040724 https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2 • CWE-20: Improper Input Validation CWE-667: Improper Locking •
CVE-2018-0231
https://notcve.org/view.php?id=CVE-2018-0231
A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. • http://www.securitytracker.com/id/1040725 https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •